CVE-2022-2356

CVE-2022-2356CVE-2022-2356

mediajedi / user_private_files

Description

The Frontend File Manager & Sharing WordPress plugin before 1.1.3 does not filter file extensions when letting users upload files on the server, which may lead to malicious code being uploaded.

Scoring

CVSS 8.8 ()
VectorCVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Last modified2026-06-23
Sourced from NVD. Curated for EU compliance use cases by Adam Lundqvist, Founder at SQUR.